Today I'm gonna write about Qubes-OS, the amazing project that provide you a Strong Security Desktop (SSD). I'm wishing to try it out.
This project can become in the Next Generation Security OS. Sincerely I will bet for that.
What is Qube?
Qubes is an open source operating system designed to provide strong security for desktop computing. Qubes is based on Xen, X Window System, and Linux, and can run most Linux applications and utilize most of the Linux drivers. In the future it might also run Windows apps.
Qubes implements Security by Isolation approach. To do this, Qubes utilizes virtualization technology, to be able to isolate various programs from each other, and even sandbox many system-level components, like networking or storage subsystem, so that their compromise don’t affect the integrity of the rest of the system.
Qubes lets the user define many security domains implemented as lightweight Virtual Machines (VMs), or “AppVMs”. E.g. user can have “personal”, “work”, “shopping”, “bank”, and “random” AppVMs and can use the applications from within those VMs just like if they were executing on the local machine, but at the same time they are well isolated from each other. Qubes supports secure copy-and-paste and file sharing between the AppVMs, of cours
Who doesn't want to try it out now?? I wanna try it out... so Where can I obtain it?
In this example, the word processor runs in the “work” domain, which has been assigned “green” label, and is fully isolated from other domains, such as the “red” domain (assigned the “red” label -- “Watch out!”, “Danger!”) used for random Web browsing, news reading, etc. Apps from different domains run in different AppVMs and have different X servers, filesystems, etc. Notice the different color frames (labels), and VM names in the titlebar -- these are drawn by the trusted Window Manager running in Dom0 and apps running in domains cannot fake them.
|Different Security AppVMs Domains.|
This feature is one of my favorites:
All the networking runs in a special, unprivileged NetVM (notice the red frame around the NetworkManager dialog box on the screen bellow). Thanks to this, a potential compromise of your network card driver, or WiFi stack, or DHCP client, would not affect the integrity of the rest of the system! This feature requires Intel VT-d or AMD IOMMU hardware (e.g. Core i5/i7 systems)
|Network Managed in Insolation NetVM.|
The most important documentation about the project is store and share it in the following wiki system: http://wiki.qubes-os.org/trac
The Installation guide provide all you need to know for install and prepare your equipment before start the configuration process.
You can download the ISO and the digital signature for the ISO from here:
See this page for more info about how to download and verify our GPG keys. Then, verify the downloaded ISO:
gpg -v <iso>.ascIt's so important to know the System requeriments:
- 4GB of RAM
- 64-bit Intel or AMD processor (x86_64 aka x64 aka AMD64)
- Intel GPU strongly preferred (if you have Nvidia GPU, prepare for some troubleshooting; we haven't tested ATI hardware)
- 10GB of disk (Note that it is possible to install Qubes on an external USB disk, so that you can try it without sacrificing your current system. Mind, however, that USB disks are usually SLOW!)
- Fat SSD disk strongly recommended
- Intel VT-d or AMD IOMMU technology (this is needed for effective isolation of your network VMs)
How Can I install Qube-OS in an USB Stick? The response to this cuestion can be find out in the following guide.
This is all! Do you like this OS? I suppose that is yes! ...